diff options
author | Simon Kelley <simon@thekelleys.org.uk> | 2017-10-10 22:04:59 +0100 |
---|---|---|
committer | Simon Kelley <simon@thekelleys.org.uk> | 2017-10-10 22:04:59 +0100 |
commit | a49c5c22654da2eb3af5899e4edc3d047beb24d4 (patch) | |
tree | 9c42e17b02fa3a2e73ecfaff451cb90a12a5d5ab | |
parent | 30858e3b9b12500825a5dc4cd67902c3201c1b25 (diff) | |
download | dnsmasq-a49c5c22654da2eb3af5899e4edc3d047beb24d4.tar.gz |
Fix search_servers() segfault with DNSSEC.v2.79test1
--address=/example.com/<IP> would segfault if query on example.com
was generated as part of DNSSEC validation.
-rw-r--r-- | src/network.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/src/network.c b/src/network.c index c87b879..622c787 100644 --- a/src/network.c +++ b/src/network.c @@ -1460,13 +1460,6 @@ void check_servers(void) for (sfd = daemon->sfds; sfd; sfd = sfd->next) sfd->used = 0; -#ifdef HAVE_DNSSEC - /* Disable DNSSEC validation when using server=/domain/.... servers - unless there's a configured trust anchor. */ - for (serv = daemon->servers; serv; serv = serv->next) - serv->flags |= SERV_DO_DNSSEC; -#endif - for (count = 0, serv = daemon->servers; serv; serv = serv->next) { if (!(serv->flags & (SERV_LITERAL_ADDRESS | SERV_NO_ADDR | SERV_USE_RESOLV | SERV_NO_REBIND))) @@ -1478,6 +1471,11 @@ void check_servers(void) #ifdef HAVE_DNSSEC if (option_bool(OPT_DNSSEC_VALID)) { + if (!(serv->flags & SERV_FOR_NODOTS)) + serv->flags |= SERV_DO_DNSSEC; + + /* Disable DNSSEC validation when using server=/domain/.... servers + unless there's a configured trust anchor. */ if (serv->flags & SERV_HAS_DOMAIN) { struct ds_config *ds; @@ -1494,8 +1492,6 @@ void check_servers(void) if (!ds) serv->flags &= ~SERV_DO_DNSSEC; } - else if (serv->flags & SERV_FOR_NODOTS) - serv->flags &= ~SERV_DO_DNSSEC; } #endif |